Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Improper privilege management vulnerability in cgi component in Synology Download Station before 3.8.16-3566 allows remote authenticated users to execute arbitrary code via unspecified vectors.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Vulnerability Type
特权管理不恰当
Vulnerability Title
Synology Download Station 安全漏洞
Vulnerability Description
Synology Download Station是一款浏览器扩展。可以在不访问 群晖 网页版本的情况下,浏览下载中心套件的正在下载与已下载任务,还可以添加任务。 Synology Download Station 3.8.16-3566之前的版本存在安全漏洞,该漏洞源于Synology下载站的cgi组件存在不当的特权管理,远程攻击者可利用该漏洞通过未指定的向量执行任意代码。
CVSS Information
N/A
Vulnerability Type
N/A